Updated wireshark packages fix security vulnerabilities

Updated wireshark packages fix security vulnerabilities: RTP dissector crash CVE-2014-6421, CVE-2014-6422. MEGACO dissector infinite loop CVE-2014-6423. Netflow dissector crash CVE-2014-6424. RTSP dissector crash CVE-2014-6427. SES dissector crash CVE-2014-6428. Sniffer file parser crash...

CVE-2014-6430

The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not validate bitmask data, which allows remote attackers to cause a denial of service application crash via a crafted file...

CVE-2014-6432

The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not prevent data overwrites during copy operations, which allows remote attackers to cause a denial of service application crash via a crafted file...

openSUSE Security Update : wireshark (openSUSE-SU-2013:1481-1)

This wireshark update to 1.8.10 fixes several security and non security bugs. bnc839607 + vulnerabilities fixed : - The NBAP dissector could crash. wnpa-sec-2013-55 CVE-2013-5718 - The ASSA R3 dissector could go into an infinite loop. wnpa-sec-2013-56 CVE-2013-5719 - The RTPS dissector could...

Mandriva Linux Security Advisory : php (MDVSA-2014:115)

Updated php packages fix security vulnerabilities : A flaw was found in the way file's Composite Document Files CDF format parser handle CDF files with many summary info entries. The cdfunpacksummaryinfo function unnecessarily repeatedly read the info from the same offset. This led to many...

Updated php packages fix CVE-2014-0237-8

Updated php packages fix security vulnerabilities: A flaw was found in the way file's Composite Document Files CDF format parser handle CDF files with many summary info entries. The cdfunpacksummaryinfo function unnecessarily repeatedly read the info from the same offset. This led to many...

Wireshark MPEG File Parser 'wiretap/mpeg.c'缓冲区溢出漏洞

Bugtraq ID：66066 CVE ID：CVE-2014-2299 Wireshark（前称Ethereal）是一款非常流行的开源网络流量分析软件。 攻击者可以利用漏洞是应用程序崩溃，或执行任意代码。 0 MandrakeSoft Enterprise Server 5 x8664 MandrakeSoft Enterprise Server 5 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.wireshark.org/...

Wireshark 1.8.x < 1.8.13 Multiple Vulnerabilities

The installed version of Wireshark 1.8.x is a version prior to 1.8.13. It is, therefore, affected by denial of service vulnerabilities in the following dissectors : - NFS dissector CVE-2014-2281 - RLC dissector CVE-2014-2283 Additionally, a flaw exists in the 'mpegread' function in the MPEG file...

Wireshark 1.10.x < 1.10.6 Multiple Vulnerabilities

The installed version of Wireshark 1.10.x is a version prior to 1.10.6. It is, therefore, affected by denial of service vulnerabilities in the following dissectors : - NFS dissector CVE-2014-2281 - M3UA dissector CVE-2014-2282 - RLC dissector CVE-2014-2283 Additionally, a flaw exists in the...

Debian Security Advisory DSA 2871-1 (wireshark - several vulnerabilities)

Multiple vulnerabilities were discovered in Wireshark: CVE-2014-2281 Moshe Kaplan discovered that the NFS dissector could be crashed, resulting in denial of service. CVE-2014-2283 It was discovered that the RLC dissector could be crashed, resulting in denial of service. CVE-2014-2299 Wesley Neele...

MGASA-2014-0125 Updated wireshark packages fix multiple vulnerabilies

Updated wireshark packages fix security vulnerabilities: The NFS dissector could crash CVE-2014-2281. The RLC dissector could crash CVE-2014-2283. The MPEG file parser could overflow a buffer CVE-2014-2299...

Wireshark Multiple Vulnerabilities-01 (Sep 2013) - Windows

Wireshark is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"; ifdescripti...

Updated wireshark package fixes security vulnerabilities

The ASSA R3 dissector could go into an infinite loop CVE-2013-5719. The RTPS dissector could overflow a buffer CVE-2013-5720. The MQ dissector could crash CVE-2013-5721. The LDAP dissector could crash CVE-2013-5722. The Netmon file parser could crash wpna-sec-2013-60...

SuSE 11.2 / 11.3 Security Update : wireshark (SAT Patch Numbers 8318 / 8319)

This wireshark version update from 1.8.8 to 1.8.9 includes several security and general bug fixes. bnc831718 http://www.wireshark.org/docs/relnotes/wireshark-1.8.9.html - The Bluetooth SDP dissector could go into a large loop CVE-2013-4927 wnpa-sec-2013-45 - The DIS dissector could go into a larg...

Debian Security Advisory DSA 2756-1 (wireshark - several vulnerabilities)

Multiple vulnerabilities were discovered in the dissectors for LDAP, RTPS and NBAP and in the Netmon file parser, which could result in denial of service or the execution of arbitrary code. OpenVAS Vulnerability Test $Id: deb2756.nasl 6611 2017-07-07 12:07:20Z cfischer $ Auto-generated from...

Wireshark 1.8.x < 1.8.10 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 1.8.10. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-1.8.10 advisory. - Unspecified vulnerability in the LDAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allo...

[SECURITY] [DSA 2734-1] wireshark security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2734-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 05, 2013 http://www.debian.org/security/faq -...

DSA-2734-1 wireshark - several

Bulletin has no description...

Mandriva Linux Security Advisory : wireshark (MDVSA-2013:204)

Updated wireshark package fixes security vulnerabilities : The Bluetooth SDP dissector could go into a large loop CVE-2013-4927. The DIS dissector could go into a large loop CVE-2013-4929. The DVB-CI dissector could crash CVE-2013-4930. The GSM RR dissector and possibly others could go into a lar...

Design/Logic Flaw

The netmonopen function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service application crash via a crafted packet-trace file...